Description Andrew Cooks (RETIRED) 2003-11-24 06:07:10 UTC

Samba 3.0.0-r1 has a problem binding to a "ldap admin dn" if one of the
attributes contains spaces.

I was able to setup openldap and connect to it, but Samba cannot bind to it. I
suspect it's a matter of inconsistent string handling. 

If I use 
ldap admin dn = "cn=Manager,o='University of Pretoria',c=ZA"
to store the secret, things break completely. The only way I could get it
semi-working, is to remove the quotes while storing the secret and use quotes
while binding, with restarts after changes to the config.

The second problem is that credentials in secrets.tdb cannot be updated without
deleting the file.

Reproducible: Always
Steps to Reproduce:
1. Setup Openldap with base dn that contains spaces
2. Setup Samba
3. Store credentials in secrets.tdb
4. Let Samba connect to Openldap
Actual Results:  
Samba connects to Openldap service, but cannot provide the correct credentials.

Expected Results:  
Bind with correct credentials

Portage 2.0.49-r15 (default-x86-1.4, gcc-3.2.3, glibc-2.3.2-r3, 2.4.20-gentoo-r7)
=================================================================
System uname: 2.4.20-gentoo-r7 i686 Pentium III (Coppermine)
Gentoo Base System version 1.4.3.10p1
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O3 -mcpu=pentium3 -funroll-loops -pipe"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /var/qmail/control /usr/share/config
/usr/kde/2/share/config /usr/kde/3/share/config"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-O3 -mcpu=pentium3 -funroll-loops -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="sandbox ccache autoaddcvs"
GENTOO_MIRRORS="ftp://ftp.up.ac.za/mirrors/gentoo.org/gentoo
ftp.is.co.za/linux/distributions/gentoo"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://ftp.up.ac.za/gentoo-portage"
USE="x86 apm crypt cups foomaticdb gif jpeg libwww mad ncurses nls png slang
spell xml2 zlib gdbm berkdb readline java mysql gpm tcpd pam ssl perl python
ldap acl clamav cscope fbcon imap innodb jikes junit lmtp mbox mcal nptl oav
ppds samba sasl slp sse -oss -arts -avi -encode -gtk -imlib -kde -gnome -libg++
-mikmod -motif -mpeg -oggvorbis -opengl -pdflib -qt -quicktime -sdl -svga
-truetype -X -xmms -xv"

--------------
ades root # ACCEPT_KEYWORDS="~x86" etcat -u samba-3.0.0-r1
[ Colour Code : set unset ]
[ Legend      : (U) Col 1 - Current USE flags        ]
[             : (I) Col 2 - Installed With USE flags ]

 U I [ Found these USE variables in : net-fs/samba-3.0.0-r1 ]
 - - kerberos : Adds kerberos support
 + + mysql    : Adds mySQL support
 - - xml      : Check/Support flag for XML library (version 1)
 + + acl      : Adds support for Access Control Lists
 + + cups     : Add support for CUPS (Common Unix Printing System)
 + + ldap     : Adds LDAP support (Lightweight Directory Access Protocol)
 + + pam      : Adds support PAM (Pluggable Authentication Modules)
 + + readline : enables support for libreadline, a GNU line-editing library that
most everyone wants.
 + + python   : Adds support/bindings for the Python language
 + + oav      : Adds support for anti-virus from the openantivirus.org project

---------
hades root # etcat -u openldap
[ Colour Code : set unset ]
[ Legend      : (U) Col 1 - Current USE flags        ]
[             : (I) Col 2 - Installed With USE flags ]

 U I [ Found these USE variables in : net-nds/openldap-2.0.27-r4 ]
 + + ssl      : Adds support for Secure Socket Layer connections
 + + tcpd     : Adds support for TCP wrappers
 + + readline : enables support for libreadline, a GNU line-editing library that
most everyone wants.
 - - ipv6     : Adds support for IP version 6
 + + berkdb   : Adds support for sys-libs/db (Berkeley DB for MySQL)
 + + gdbm     : Adds support for sys-libs/gdbm (GNU database libraries)
 - - kerberos : Adds kerberos support
 - - odbc     : Adds ODBC Support (Open DataBase Connectivity)